Pockit
How it worksWhat you saveWhy PockitGet Pockit, free
How it worksWhat you can saveWhy Pockit
Privacy PolicyTerms of ServiceGet Pockit, free
Pockit/Privacy Policy

Privacy Policy

Operator
MindNdata
App
Pockit (in.pockit.app)
Contact
support@pockit.in
Effective date
10 July 2026
On this page
1. Who we are2. Age, and who can use Pockit3. Data we collect, and why4. How saving works5. Legal basis and consent6. Who processes your data7. International transfer8. Retention and deletion9. Deleting your account10. Your rights11. Grievance redressal12. Changes to this policy13. The future of Pockit14. Contact

Pockit is a capture-and-recall app: the fastest way to save a digital thing from your phone, and the most reliable way to find it again. This policy explains what data Pockit collects, why, who processes it for us, how long we keep it, how it is protected, and the rights you have over it.

1. Who we are

Pockit is a capture-and-recall app: the fastest way to save a digital thing from your phone, and the most reliable way to find it again. Pockit is built and operated by MindNdata. MindNdata is the operating entity behind Pockit and is the party responsible for how your personal data is handled (in the language of India's Digital Personal Data Protection Act, 2023, MindNdata is the "Data Fiduciary"). MindNdata is the operator of Pockit and is not an incorporated company.

This policy is a standalone document: you can understand it on its own, without reading anything else. It is written in clear, plain language.

Pockit is India-first and is offered to users in India. This policy is designed to satisfy both India's Digital Personal Data Protection Act, 2023 and the DPDP Rules, 2025 (together, "DPDP"), and Google Play's User Data policy.

2. Age, and who can use Pockit

Pockit does not collect or verify your age. There is no date-of-birth field at sign-up and no age check anywhere in the app, so Pockit cannot and does not determine how old you are.

Pockit is made for adults, and adults may use it normally. If you are under 18 and you use Pockit, you do so on the basis that a parent or legal guardian knows you are using it, approves of that use, and gives you the supervision and guidance appropriate to your age. You and your guardian take responsibility for your use on that footing. Where a user is a child, that parental knowledge, approval, and supervision is the basis on which their personal data is processed.

Whatever a user's age, Pockit does no behavioural monitoring of children and shows them no targeted advertising (consistent with Section 9 of the DPDP Act). If you are a parent or legal guardian and you want a child's account and data removed, you can delete it from within the app or on the web (see Section 9), or write to us at support@pockit.in and we will act on it.

3. The data we collect, and why

Pockit tries to collect only what it needs to do its one job well: save your things and let you find them again by meaning. This list is kept consistent with the Google Play Data safety declaration for Pockit.

Account information

Examples: your name, email address, and a user ID.

Why: to create and secure your account, sign you in, and provide the app. You sign in with your Google account (Google Sign-In).

Content you save ("your saves")

Examples: links, social posts and reels you share in, screenshots, images, documents and PDFs, and notes you write or dictate, plus the AI-generated titles, summaries, descriptions, and the numeric "embeddings" (vector representations of meaning) that Pockit derives from them.

Why: this is the core function of the app: to store what you save, understand it, file it into a category, and make it searchable by meaning.

App-activity and in-app search

Examples: how you use the app, features you interact with, and the search queries you type inside Pockit.

Why: to operate search, improve the product, and understand which features are used.

Crash and diagnostic data

Examples: crash reports, error logs, and basic technical diagnostics.

Why: to detect, diagnose, and fix crashes and bugs, and keep the app stable.

Device or app-instance identifiers

Examples: an anonymous device or app-instance identifier generated by our analytics and crash-reporting tools.

Why: only to the extent our analytics and crash tools use one, to tell one app install or session apart from another when counting usage and grouping crashes. It is not used for advertising.

What we do not collect. Pockit does not collect your location. Pockit does not run an advertising SDK today and does not build advertising profiles. Pockit does not use any special/sensitive permissions for capture, saving works only through the Android system share sheet and the in-app Add flow. Pockit does not accept or store video files; a saved social post is represented by its link, thumbnail, and text only.

Purpose limitation and data minimisation. We use your data only for the purposes listed above (and for the disclosed legal reasons in Section 8). We do not repurpose it for anything you have not been told about. If we ever want to use your data for a genuinely new purpose, we will tell you and, where the law requires it, ask for your consent.

4. How saving and processing actually work

Understanding the data flow helps explain what happens to your content:

You share, we confirm instantly. When you share something to Pockit (or add it in-app), Pockit stores it and confirms the save. The confirmation is instant; understanding happens afterward.

Server-side background processing. After the save is confirmed, Pockit's servers read the item, write a title and description, decide which category it belongs in, and build the searchable representation. This runs in the background, on our servers.

Images are sent to our AI model as inline data (base64), not as public links. Because we already hold your file, our servers pass the image bytes directly to the AI model. Your images are not exposed as public URLs to make this work.

Your data is isolated to you. Every saved item, category, and vector is scoped to your account and protected by per-user row-level security in our database, so one user can only ever reach their own things.

Encryption in transit. Data moving between the app, our servers, and our processors is encrypted in transit using TLS/HTTPS. (Pockit does not provide end-to-end encryption, and this policy does not claim it.)

5. Legal basis and consent (DPDP)

We process your personal data on the basis of your consent, which you give when you create your account and use Pockit for the purposes described in this policy, and, where applicable, for the legitimate/legal uses the law permits (such as keeping records we are legally required to keep). You can withdraw your consent at any time, and doing so is as easy as giving it: you can delete your account and data from within the app or from the web page in Section 9. Withdrawing consent stops future processing for the affected purposes; it does not make lawful past processing unlawful.

6. Who processes your data for us (our processors)

To run Pockit, we use a small set of specialist service providers. Each acts on MindNdata's behalf and under our instructions, they are processors (Data Processors), not independent controllers of your data. Because they are processors acting for us, in Google Play's terms your data is collected, but not "shared."

Google, Gemini (paid API tier)

Performs Pockit's AI work: describing and categorising your saves, expanding search queries, "seeing" images/screenshots/thumbnails (vision), and generating the embeddings used for search. On the paid Gemini API tier, per Google's terms, Google does not use your prompts or the responses to improve Google's products/models. Google also provides Google Sign-In.

Scrape Creators

Fetches the rich data for a saved social post/link, caption, hashtags, creator name, thumbnail, and any native transcript, so the item is findable by what it actually contains. Strictly one item per save.

Apify

For an ordinary web link (not a covered social platform), fetches that single page's content so the saved link becomes a full, searchable item. Single page only, it does not crawl the rest of a site.

Supabase

Our core backend: authentication, the database (with per-user row-level security), file storage for your saved files, and the server-side functions that run processing and search.

Resend

Sends and receives transactional and support email (for example, account and support messages between you and us).

PostHog

Product analytics, how the app is used, received through a server-side proxy we run, so the app never holds analytics keys.

Sentry

Crash and error reporting, received through a server-side tunnel we run, so the app never holds a Sentry key.

We choose processors that are appropriate to their single job, and we do not add processors that are unnecessary to running Pockit. If we add, remove, or change a processor, we will update this policy (see Section 12).

7. International transfer of data

Pockit is operated from India, but some of the processors above operate and process data outside India. This means your personal data may be transferred to, stored on, or processed on servers located outside India. Where we do this, we rely on processors that commit to protecting your data and to processing it only on our instructions, and we transfer only what is needed for the purposes in this policy. By using Pockit you understand that your data may be processed outside India as described here.

8. How long we keep your data (retention) and deletion

We keep your account information and your saves for as long as your account is active, because that content is the service, it is the collection you came to Pockit to keep and search.

When you delete your account (see Section 9), we delete the personal data associated with it. We may retain limited data only where we have a disclosed, legitimate reason to, for example, to comply with a legal obligation, to resolve a dispute, or to enforce our terms, and only for as long as that reason genuinely requires. When the purpose is served or you withdraw consent, we erase the data, subject to those limited legal retention needs (consistent with DPDP erasure obligations).

9. Deleting your account and data

You are always in control of removing your data. You can request deletion of your account and its associated data in two ways, and without reinstalling the app:

In the app: open Profile, and use the account-deletion option there.

On the web: visit https://pockit.in/delete-account and follow the instructions.

Deletion removes the personal data associated with your account (your account details, your saves, their derived titles/descriptions/embeddings, and your categories), except for any limited data we must retain for the disclosed legitimate or legal reasons in Section 8. Deleting your account is also how you withdraw consent to processing.

10. Your rights (DPDP Sections 11-14)

As a person whose data we process (a "Data Principal"), you have the following rights, which you can exercise by contacting support@pockit.in or by using the in-app options:

Right to access (Section 11). You can ask for a summary of the personal data we process about you, a summary of our processing activities, and the identities of the processors with whom your data has been processed.

Right to correction and erasure (Section 12). You can ask us to correct, complete, update, or erase your personal data. Erasure is honoured except where we must retain data for the specified purpose or to comply with the law (see Section 8).

Right to grievance redressal (Section 13). You can raise a grievance with us using the mechanism in Section 11 below. This grievance route is a readily available means and must be exhausted before approaching the Data Protection Board of India.

Right to nominate (Section 14). You can nominate another individual to exercise your rights on your behalf in the event of your death or incapacity. Contact us at support@pockit.in to record a nomination.

Right to withdraw consent. You can withdraw your consent at any time, as easily as you gave it (see Sections 5 and 9).

We will not charge you for exercising these rights in the ordinary course, and we will respond within the timelines the law requires.

11. Grievance redressal and contact person

If you have a question, concern, or complaint about how Pockit handles your personal data, contact us first:

Contact for privacy and grievances: the Pockit Privacy Contact at MindNdata

Email: support@pockit.in

The Pockit Privacy Contact is the person designated to answer your questions about how we process your personal data (this fulfils the "contact person" requirement under Rule 9 of the DPDP Rules, 2025). Pockit is not a Significant Data Fiduciary, so a full Data Protection Officer is not required; the contact above is the point of contact for all data-processing questions and grievances.

Grievance timeline. We will acknowledge and work to resolve your grievance within 90 days of receiving it (consistent with Rule 14(3) of the DPDP Rules, 2025). If you are not satisfied after using this grievance mechanism, you may escalate to the Data Protection Board of India, but the law requires you to exhaust our grievance process first.

12. Changes to this policy

Pockit will evolve, and this policy will be updated over time. When we make a material change, we will update the effective date at the top, post the new version at https://pockit.in/privacy, and give you reasonable notice by appropriate means (such as in-app notice or email) before the change takes effect where the law requires it. Your continued use of Pockit after a change takes effect means you accept the updated policy. We encourage you to review this page periodically.

13. Our reservation on the future of Pockit

Today, Pockit is free and uncapped, with no advertising and no paid gates on its core promise, and nothing in this section changes that today. That said, MindNdata expressly reserves the right, in the future and with reasonable notice, to:

introduce any future revenue model, including advertising, a subscription or SaaS-style pricing model, or any other monetisation approach;

scale, change, restructure, or incorporate the underlying operating entity behind Pockit (for example, moving from the current unincorporated operating entity to an incorporated company), and to assign this policy and your data to that successor entity as part of such a change; and

update this policy and our Terms of Service over time to reflect the above, always with reasonable notice as described in Section 12.

If any such change affects how your personal data is used in a way that requires your consent, we will seek it as the law requires. If advertising is ever introduced, we will update this policy to disclose it, and we will continue to honour the child-protection commitments in Section 2 (no behavioural monitoring of children, and no targeted advertising to children).

14. Contact

Questions about this policy or your data:
Email: support@pockit.in · Web: https://pockit.in/privacy

Share what you care.

Share what you care.

The fastest way to save a digital thing from anywhere on your phone, and the most reliable way to find it again.

Get it for Android
Product
How it worksWhat you can saveWhy PockitGet Pockit
Legal
Privacy PolicyTerms of ServiceSupport
Contact
support@pockit.inOperated by MindNdataMade in India
Pockit
© 2026 Pockit · MindNdatapockit.in